Travelers
Application Security Engineer II
Travelers, Greendale, Wisconsin, United States, 53129
TravelersProtect your personal and business investments with Travelers Insurance. From auto to homeowners or business insurance, we have the solution to suit your needs.
Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.
Job CategoryTechnology
What Is the Opportunity?Travelers is seeking an Application Security Engineer II to join our organization as we grow and transform our Technology landscape. Individual will complete advanced end to end security engineering tasks for specific system including security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews, and will provide defensive coding techniques consulting. Works with circle leads in a Value Stream on security and performs Application Security testing for Value Stream. Provides guidance on testing to Application Security Engineer I. Performs application architecture security reviews. Partners with Cybersecurity and Enterprise Security Engineering on testing and remediation of vulnerabilities and implementation of Cybersecurity patterns.
What Will You Do?
Support the development of a container image security strategy to include supply chain risk initiatives.
Support the container image security strategy implementation and integration with DevOps pipelines.
Promote a culture around secure container development.
Perform security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews and advise on defensive coding techniques with a high degree of accuracy and speed, operating as an individual contributor to team goals.
Work independently to tackle well-scoped and loosely scoped problems.
Seek opportunities to expand technical knowledge and capabilities.
Provide technical guidance and mentorship to less experienced employees.
Perform other duties as assigned.
What Will Our Ideal Candidate Have?
Bachelor's degree plus four years of modern application development or application security experience.
Moderate experience with development in AWS.
Moderate knowledge and understanding of container security and related risks.
Moderate knowledge and experience with build (CI/CD) pipeline technologies such as GitHub Actions, Jenkins, and/or GitLab CI/CD.
Experience with container image hardening and base image management.
Experience building infrastructure as code (IaC) and/or analyzing IaC against misconfigurations taking a secure by design approach.
Experience with integrating and managing tools involving SAST, SCA, and Secrets scanning capabilities.
Familiarity of microservices architecture and design patterns.
Intermediate delivery skills including the ability to estimate accurate timelines for tasks and deliver work at a steady, predictable pace.
Demonstrated track record of domain expertise including understanding technical concepts necessary to do the job effectively.
Strong problem solver who ensures solutions are built for the long term.
Strong communicator who possesses the ability to articulate information clearly and concisely with the business.
Intermediate leadership skills with the ability to help create a safe environment for others to learn and grow as engineers.
What is a Must Have?
Three years of system security experience.
What Is in It for You?
Health Insurance: Employees and their eligible family members – including spouses, domestic partners, and children – are eligible for coverage from the first day of employment.
Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum.
Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs.
Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved.
Employment PracticesTravelers is an equal opportunity employer. We believe that we can deliver the very best products and services when our workforce reflects the diverse customers and communities we serve.
In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.
#J-18808-Ljbffr
Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.
Job CategoryTechnology
What Is the Opportunity?Travelers is seeking an Application Security Engineer II to join our organization as we grow and transform our Technology landscape. Individual will complete advanced end to end security engineering tasks for specific system including security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews, and will provide defensive coding techniques consulting. Works with circle leads in a Value Stream on security and performs Application Security testing for Value Stream. Provides guidance on testing to Application Security Engineer I. Performs application architecture security reviews. Partners with Cybersecurity and Enterprise Security Engineering on testing and remediation of vulnerabilities and implementation of Cybersecurity patterns.
What Will You Do?
Support the development of a container image security strategy to include supply chain risk initiatives.
Support the container image security strategy implementation and integration with DevOps pipelines.
Promote a culture around secure container development.
Perform security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews and advise on defensive coding techniques with a high degree of accuracy and speed, operating as an individual contributor to team goals.
Work independently to tackle well-scoped and loosely scoped problems.
Seek opportunities to expand technical knowledge and capabilities.
Provide technical guidance and mentorship to less experienced employees.
Perform other duties as assigned.
What Will Our Ideal Candidate Have?
Bachelor's degree plus four years of modern application development or application security experience.
Moderate experience with development in AWS.
Moderate knowledge and understanding of container security and related risks.
Moderate knowledge and experience with build (CI/CD) pipeline technologies such as GitHub Actions, Jenkins, and/or GitLab CI/CD.
Experience with container image hardening and base image management.
Experience building infrastructure as code (IaC) and/or analyzing IaC against misconfigurations taking a secure by design approach.
Experience with integrating and managing tools involving SAST, SCA, and Secrets scanning capabilities.
Familiarity of microservices architecture and design patterns.
Intermediate delivery skills including the ability to estimate accurate timelines for tasks and deliver work at a steady, predictable pace.
Demonstrated track record of domain expertise including understanding technical concepts necessary to do the job effectively.
Strong problem solver who ensures solutions are built for the long term.
Strong communicator who possesses the ability to articulate information clearly and concisely with the business.
Intermediate leadership skills with the ability to help create a safe environment for others to learn and grow as engineers.
What is a Must Have?
Three years of system security experience.
What Is in It for You?
Health Insurance: Employees and their eligible family members – including spouses, domestic partners, and children – are eligible for coverage from the first day of employment.
Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum.
Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs.
Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved.
Employment PracticesTravelers is an equal opportunity employer. We believe that we can deliver the very best products and services when our workforce reflects the diverse customers and communities we serve.
In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.
#J-18808-Ljbffr